No full-text available
To read the full-text of this research,
you can request a copy directly from the authors.
A Systematic Review of Blockchain-Based Privacy-Preserving Reputation Systems for IoT Applications
Abstract
With the growing popularity of the Internet of Things (IoT), billions of devices are anticipated to be deployed in various industries without establishing trust between them. In environments without pre-established trust, reputation systems provide an effective method of assessing the trustworthiness of IoT devices. There has been considerable literature on deploying reputation systems in industries that have not yet established trust among themselves. Therefore, the paper reviews published studies on reputation systems for IoT applications to date, focusing on decentralised systems and decentralised systems using blockchain technology. These studies are evaluated regarding security (including integrity and privacy) and non-security requirements to highlight open research challenges. In alignment with this, an analysis and summary of the existing review studies on reputation systems for particular IoT applications are presented, demonstrating the need for a review article to consider all IoT applications and those that have not been explored. The IoT applications and sub-applications are described, and their problem statement, literature to date, and research gap are comprehensively evaluated. Finally, the open research challenges concerning reputation systems are reviewed and addressed to provide the researcher with a road map of potential research directions.
ResearchGate has not been able to resolve any citations for this publication.
Blockchain-based Reputation Systems (BRS) are a recent and essential development in decentralized trust and reputation management. The decentralization, transparency, and efficiency brought by Blockchain (BC) are clearly what we always hoped for to build effective trustless reputation systems. Despite these promising attributes, existing BRS face a critical challenge in countering common reputation attacks, including whitewashing, self-promotion, and bad-collision attacks. Currently, BRS rely on reputation scores or tokens linked to the same address or public key, which severely limits their widespread adoption as it raises concerns about possible retaliation, hence the reluctance of users to engage and provide feedback. In this work, we propose and develop a Decentralized Anonymous Reputation System (DARS) for trust-related applications. In DARS, users can use different pseudonyms when interacting with each other to hide their digital identities. In our system design, all pseudonyms of a specific user, yet, are cryptographically linked to the same access token, allowing honest users to maintain their reputation and preventing malicious ones from starting over. This is achieved through the use of zkSNARK proofs for set membership via Merkle trees over commitments. We extended our framework with an efficient reputation model that respects all the security and privacy properties of our formal model. Finally, we developed a prototype of the proposed framework using emerging technologies and cryptographic tools. The evaluation results demonstrate the feasibility and effectiveness of DARS.
Today’s advancement in Vehicular Ad-hoc Networks (VANET) constitutes a cornerstone in ensuring traffic safety in Intelligent Transportation Systems (ITS). In this context, vehicle-to-vehicle (V2V) communications are a pivotal enabler for road safety, traffic optimization, and pedestrian protection. However, V2V communications lack effective and efficient security solutions that can adequately ensure the trustworthiness of the source of the transmitted content. In this work, we originally propose DIVA, i.e., a Decentralized Identifier-based reputation system for secure transmission in VAnets. In particular, we claim the suitability of utilizing IOTA, a Direct Acyclic Graph (DAG)-based ledger, to securely store reputation scores and of leveraging Decentralized Identifiers (DIDs) to identify participating vehicles. DIVA also incorporates and implements a reputation algorithm that computes reputation scores by analyzing both safety and non-safety messages, exchanged among vehicles and Road Side Units (RSUs) in compliance with the related European Telecommunications Standards Institute (ETSI) standards. Thus, DIVA can effectively identify malicious contributors and decrease their reputation scores. The reported experimental results clearly show the feasibility and effectiveness of DIVA, by working on an extended and comprehensive dataset of realistic V2V messages; the dataset has been made openly accessible to the research community, also to increase result reproducibility.
Cloud computing provides software, infrastructure, and platform as services and reduces the cost of usage for cloud customers. Recently, a system architecture called Fog and Edge Computing (FEC) has been introduced that fills the gap between cloud and things toward the continuum of service and optimizes cloud computing resources by processing time-sensitive data near the data generation source at the network edge. Since the FEC environment includes myriad heterogeneous computing nodes, some of the FEC nodes may be un-trustful or even malicious; therefore, these un-trustworthy nodes could disrupt the normal activity of FEC in data storing and processing. Consequently, FEC trust management is crucial to provide trustworthy data processing and improve user privacy. Despite the critical importance of trust management issues in the FEC, any systematic review in this field has not been performed. This paper presents a systematic review of 74 high-quality articles related to FEC trust management published between 2015 and July 2021. To this end, selected FEC trust management approaches are categorized into three main classes: algorithm, architecture, and model/framework. Additionally, this paper discusses and compares the FEC trust management approaches based on merits and demerits, evaluation techniques, tools and simulation environments, and important trust metrics. Finally, some open issues and future trends for the oncoming studies are highlighted.
Edge computing offloads the data processing capacity to the user side, provides flexible and efficient computing services for the development of smart city, and brings many security challenges. Aiming at the problems of fuzzy boundary security protection and dynamic identity authentication in the edge computing environment in smart city, the zero trust architecture based on blockchain is studied, and a digital identity model and dynamic authentication scheme of edge computing nodes based on distributed ledger are proposed. Firstly, a digital identity model of two-way authentication between edge computing node and sensing terminal is established to realize fine-grained authorization and access control in edge computing. Secondly, based on the identity data and behavior log bookkeeping on the chain, the quantification of trust value, trust transmission and update are realized, and the traceability of security events is improved. Finally, based on the improved RAFT consensus algorithm, the multi-party consensus and consistency accounting in the authentication process are realized. Simulation results show that this scheme can meet the requirements of zero trust verification in edge computing environment, and has good efficiency and robustness.
The Internet of Things (IoT) allows an object to connect to the Internet and observe or interact with a physical phenomenon. The communication technologies allow one IoT device to discover and communicate with another in order to exchange services, in a similar way to what humans do in their social networks. Knowing the reputation of another device is important to consider whether it is trustworthy before establishing a new connection and thus, avoid possible unexpected behaviors as a consequence. Trustworthiness, as a property of a device, can be affected by different factors including its geographical location. Hence, this research work proposes an architecture to manage reputation values of end devices in an IoT system based on the area where they are located. A cloud–fog–edge architecture is proposed, where the fog layer uses the Blockchain technology to keep the reputation management system consistent and fault tolerant across different nodes. The location-based part of the system was done by storing geographical areas in smart contracts (coined as geospatial smart contracts) and making the reputation values subject to different regions depending on the geographical location of the device. To reduce the complexity of the spatial computation, the geographical data are geocoded by either one of two different spatial indexing techniques. This work also introduced two different structures for storing geocoded areas based on either cell list or tree structure. Finally, three experiments to test the proposed architecture are presented, to deploy the architecture in IoT devices, and to compare the two geocoding techniques in smart contracts.
Future autonomous vehicles will rely heavily on sharing and communicating information with other vehicles to maximize their efficiency. These interactions, which will likely include details about the positions of surrounding vehicles and obstacles on the road, are essential to their decision-making and the prevention of accidents. However, malicious vehicles—those that intentionally communicate false information—have the capacity to adversely influence other vehicles in the network. This paper presents and evaluates a reputation management system, capable of identifying malicious actors, to mitigate their effects on the vehicle network. The viability of multiple report weighting schemes to calculate reputation is evaluated through a simulation, and a blockchain-based backend for the reputation management system to securely maintain and communicate reputation data is proposed. Storage and computational challenges are considered. This paper shows that weighting schemas, related to the number and reputation of witnesses, positively affect the accuracy of the model and are able to identify malicious vehicles in a network with consistent accuracy and scalability.
The massive adoption of electric vehicles (EVs) has caused an increasing demand for electric energy to charge the vehicles. Efficiently managing energy trading between energy providers and energy consumers can lead to meet the high demand for charging EVs while reducing its cost compared to traditional power provided by the utility company. However, a large portion of the existing systems leveraged for trading energy between EVs are centralized and fall short in providing transparency, reliability, audit, security, and trustworthy features. In this paper, we propose blockchain-based energy trading using an auctioning and reputation scheme. We develop Ethereum smart contracts which enable owners of EVs to automatically request electricity to charge their vehicles in a reliable, cost-effective, secure, and trustworthy manner. The proposed approach ensures the lowest rate available by implementing a reverse auctioning scheme for fair competition between providers to provide the requested service at the lowest cost. The proposed solution enforces high quality of service through a reputation-based approach that quantifies the performance of the service providers and gives an advantage to more reputable providers. We present the implementation details of the deployed system on a test Ethereum blockchain platform. We perform system testing and evaluation to validate and assess the functionality and performance of the proposed solution. Furthermore, we present security and cost analyses to show the affordability, robustness, and practicality of the proposed approach.
The enhancement (in the past decade) in electronics devices/technology, a rise in most of the accidents concerning security and surveillance intruding the private lives of the users question the existing systems being used to combat this challenge wherein, the third-parties gather and handle large amounts of individual details. As part of the constant evolution of the cyber physical system architecture, one of the goals of our system is to reduce the latency time for enrollment of new information. Generally, the efficiency and benefit of a Cyber Physical Systems (CPS) depends heavily on interconnection of individual devices or nodes. Exchange of data and information relevant to an overall task or functionality is the key to many applications such as smart grids, smart cities, and many others. Trustworthiness of data is needed to make such systems (especially in MCPS systems) successful. To be able to fulfill policies to guarantee the safety of all entities within a Medical Cyber Physical Systems (MCPS) and to provide security measures to enforce these cryptographic solutions have to be embedded. This paper describes a decentralized e-healthcare application framework for personal data management that ensures that users own and access their data. This work proposes a novel mechanism to secure Medical Cyber Physical Systems (MCPS), i.e., as an automated access-control manager (including building trust in a third party). This work also integrates some features in security building blocks in ultra-small devices to provide essential properties to secure embedded systems.
As an emerging concept in the intelligent transportation system (ITS), Opportunistic Autonomous Vehicle Platoon (OAVP) enables autonomous vehicles to self-organize a temporary platoon and travel together. Whereas, electing the platoon leader is a crucial issue to be solved in this scenario. The platoon leader not only suffers from more wind resistance but also spends more computation resources in dealing with tremendous information obtained from the surrounding environment. Hence, vehicles tend to be a follower rather than a leader. In this paper, we propose a reputation-based leader election system for OAVP named RLE, which contains two sub-systems: leader election and incentive mechanism. In the former one, a reputation-based election scheme is first constructed to elect a relatively trustful leader according to the reputation value recorded on the blockchain. The proposed scheme integrates previous experience with recommendations from other members. In the second sub-system, an incentive mechanism is designed to stimulate platoon members to participate actively in the process of election, which is based on the recorded real-time fuel economy among vehicles participating in a platoon. Security analysis shows that the system is sufficient to deal with potential security threats. Experimental results based on the simulated platform demonstrate the practicality and feasibility of our solution.
5G-enabled drones have potential applications in a variety of both military and civilian settings (e.g., monitoring and tracking of individuals in demonstrations and/or enforcing of social/ physical distancing during pandemics such as COVID-19). Such applications generally involve the collection and dissemination of (massive) data from the drones to remote data centers for storage and analysis (e.g., via 5G networks). Consequently, there are security and privacy considerations underpinning 5G-enabled drone communications. We posit the potential of leveraging blockchain to facilitate privacy preservation, and therefore in this article we review existing blockchain-based solutions after introducing the architecture for 5G-enabled drone communications and block-chain. We also review existing legislation and data privacy regulations that need to be considered in the design of blockchain-based solutions, as well as identify potential challenges and open issues that will hopefully inform future research.
Mobile edge crowdsensing is capable of providing a large amount of data via pervasive mobile teminals for Industrial Internet of Things (IIoT). However, the generated data often contains users’ sensitive information, which suggests the significance of privacy-preserving in data aggregation and analysis for IIoT. Privacy-preserving in mobile edge crowdsensing have conflicting objectives, i.e., the edge fusion center (FC) requires data of better quality for data fusion with higher accuracy whereas participatory users (PUs) desire better privacy-preserving by larger noise injection. Therefore, how to select proper noises to achieve the trade-off between accuracy and privacy is a challenging problem. In addition, FC is subject to data tempering due to the lack of data reliability validations and incentive mechanisms. To tackle these problems, we propose a novel Privacy-Preserving mobile edge Crowdsensing Strategy (PPCS) for IIoT. Specifically, PPCS provides a Kullback-Leibler privacy-preserving data aggregation using a reputation based incentive mechanism. On the other hand, PPCS offers hypothesis test based data reliability validation and PU’s reputation update, which collaborate to ease the impact of tampered data. Meanwhile, a reinforcement learning algorithm, the expected Sarsa, is applied to obtain the optimal test threshold. Theoretical analysis and experiment results show that PPCS is an energy-efficient strategy and the data provided by PPCS has a better aggregation accuracy than certain baseline strategies.
Most of the existing smart parking systems threaten the drivers’ privacy by revealing information about their visited locations. Moreover, they are centralized making them vulnerable to a single point of failure and attack, which threatens the availability of the parking service. They also suffer from a lack of transparency, where the centralized service organizer may favor some parking lots by booking their parking slots first. To tackle these concerns, we propose a blockchain-based smart parking system with privacy preservation and reputation management. In our system, a consortium blockchain is created by different parking lots to run the parking system securely and transparently, where the parking offers are recorded on a shared and immutable ledger. We use a commitment technique during the submission of the offers to ensure fair parking rates. Then, we use a private information retrieval technique during the offers retrieval to preserve the drivers’ location privacy. Furthermore, to anonymously and efficiently authenticate drivers during the reservation process, we use a short randomizable signature. We also use a time-locked anonymous payment technique to discourage drivers from not committing to their parking reservations and provide a secure and privacy-preserving payment method for parking service. Finally, we integrate a blockchain-based anonymous reputation management scheme into our system, where drivers can anonymously rate the parking service to ensure high quality of service. Our evaluations demonstrate that our smart parking system is secure and capable of preserving drivers’ privacy with low communication, computation, and storage overheads.
Many researchers challenge the possibility of using blockchain and smart contracts to disrupt the Internet of Things (IoT) architecture because of their security and decentralization guarantees. However, the state-of-the-art blockchain architecture is not scalable enough to satisfy the requirements of massive data traffics in the IoT environment. The main reason for this issue is one needs to choose the consensus trade-off between either coping with a high throughput or a high number of nodes. Consequently, this issue prevents the applicability of blockchain for IoT use cases. In this paper, we propose a scalable two-tiered hierarchical blockchain architecture for IoT. The first tier is a Core Engine, which is based on a Practical Byzantine Fault Tolerance (PBFT) consensus to cope with a high throughput, that supervises the underlying subordinate engines (sub-engines) as its second tier. This second tier comprises of the Payment, Compute, and Storage Engine, respectively. We can deploy multiple instances of these sub-engines as many as we need and as local as possible near to the IoT domains, where IoT devices reside, to cope with a high number of nodes. Furthermore, to further extend the scalability of the proposed architecture, we also provide additional scalability features on the Core Engine such as request aggregation, request prioritization, as well as sub-engine parallelism. We implement all of our engines and expose them to IoT applications through the Engine APIs. With these APIs, developers can build and run IoT applications in our architecture. Our evaluation results show that our proposed features on the Core Engine can indeed enhance the overall performance of our architecture. Moreover, based on our proof-of-concept IoT car rental application, we also show that the interoperability between sub-engines through the Core Engine is possible, even when the particular sub-engine is under sub-engine parallelism.
We present a reputation-based framework for allocating power to plug-in electric vehicles (EVs) in the smart grid. In this framework, the available capacity of the distribution network
measured by distribution-level phasor measurement units is divided in a proportionally fair manner among connected EVs, considering their demands and self-declared deadlines.
To encourage users to estimate their deadlines more precisely and conservatively, a weight is assigned to a each deadline based on the user's reputation, which comprises two kinds of evidence: deadlines declared before and after the actual departure times in the recent past. Assuming reliable communication between sensors installed in the network and charging stations, we design a decentralized algorithm which allows the users to independently compute their fair share based on signals received from upstream sensors without sharing their private information, e.g., their deadline, with a central scheduler. We prove that this algorithm achieves quadratic convergence under specific conditions and evaluate it empirically on a test distribution network by comparing it with a centralized algorithm which solves the same optimization problem, a decentralized gradient-projection algorithm with linear convergence, and earliest-deadline-first and least-laxity-first scheduling policies. Our results corroborate that the proposed algorithm can track the available capacity of the network despite changes in the demands of homes and other inelastic loads, improves a fairness metric, and increases the overall allocation to users who have a better reputation.
Federated learning (FL) is the collaborative machine learning (ML) technique whereby the devices collectively train and update a shared ML model while preserving their personal datasets. FL systems solve the problems of communication-efficiency, bandwidth optimization, and privacy-preservation. Despite the potential benefits of FL, one centralized shared ML model across all the devices produce coarse-grained predictions which, in essence, are not required in many application areas involving personalized prediction services. In this paper, we present a novel concept of fine-grained FL to decentralize the shared ML models on the edge servers. We then present a formal extended definition of fine-grained FL process in mobile edge computing systems. In addition, we define the core requirements of fine-grained FL systems including personalization, decentralization, fine-grained FL, incentive mechanisms, trust, activity monitoring, heterogeneity and context-awareness, model synchronization. and communication and bandwidth-efficiency. Moreover, we present the concept of blockchain-based reputation-aware fine-grained FL in order to ensure trustworthy collaborative training in mobile edge computing systems. Finally, we perform the qualitative comparison of proposed approach with state-of-the-art related work and found some promising initial results.
A disruptive technology often used in finance, Internet of Things (IoT) and healthcare, blockchain can reach consensus within a decentralised network—potentially composed of large amounts of unreliable nodes—and to permanently and irreversibly store data in a tamper-proof manner. In this paper, we present a reputation system for Intelligent Transportation Systems (ITS). It considers the users interested in traffic information as the main actors of the architecture. They securely share their data which are collectively validated by other users. Users can choose to employ either such crowd-sourced validated data or data generated by the system to travel between two locations. The data saved is reliable, based on the providers’ reputation and cannot be modified. We present results with a simulation for three cities: San Francisco, Rome and Beijing. We have demonstrated the impact of malicious attacks as the average speed decreased if erroneous information was stored in the blockchain as an implemented routing algorithm guides the honest cars on other free routes, and thus crowds other intersections.
Distributed Ledger Technologies (DLTs), like Blockchain, are characterized by features such as transparency, traceability, and security by design. These features make the adoption of Blockchain attractive to enhance information security, privacy, and trustworthiness in very different contexts. This paper provides a comprehensive survey and aims at analyzing and assessing the use of Blockchain in the context
of Distributed Trust and Reputation Management Systems (DTRMS). The analysis includes academic research as well as initiatives undertaken in the business domain. The paper defines two taxonomies for both Blockchain and DTRMS and applies a Formal Concept Analysis. Such an approach allowed us to identify the most recurrent and stable features in the current scientific landscape and several important implications among the two taxonomies. The results of the analysis have revealed significant trends and emerging practices in the current implementations that have been distilled into recommendations to guide Blockchain’s adoption in DTRMS systems.
The Internet of Things, or IoT, is the network of connected computing devices that have the ability to transfer valued data between each other via the Internet without requiring human intervention. In such a connected environment, the Social Internet of Things (SIoT) has become an emerging trend where multiple IoT devices owned by users support communication within a social circle. Trust management in the SIoT network is imperative as trusting the information from compromised devices could lead to serious compromises within the network. It is important to have a mechanism where the devices and their users evaluate the trustworthiness of other devices and users before trusting the information sent by them. The privacy-preservation, decentralization and self-enforcing management without involving trusted third parties are the fundamental challenges in designing a trust management system for SIoT. To fulfill these challenges, this paper presents a novel framework for computing and updating the trustworthiness of participants in the SIoT network in a self-enforcing manner without relying on any trusted third party. The privacy of the participants in the SIoT is protected by using homomorphic encryption in the decentralized setting. To achieve the properties of self-enforcement, the trust score of each device is automatically updated based on its previous trust score and the up-to-date tally of the votes by its peers in the network with zero-knowledge proofs to enforce that every participant follows the protocol honestly. We evaluate the performance of the proposed scheme and present evaluation benchmarks by prototyping the main functionality of the system. The performance results show that the system has a linear increase in computation and communication overheads with more participants in the network. Furthermore, we prove the correctness, privacy, and security of the proposed system under a malicious adversarial model.
Participatory sensing is gaining popularity as a method for collecting and sharing information from distributed local environments using sensor-rich mobile devices. There are a number of participatory sensing applications currently in wide use, such as location-based service applications (e.g., Waze navigation). Usually, these participatory applications collect tremendous amounts of sensing data containing personal information, including user identity and current location. Due to the high sensitivity of this information, participatory sensing applications need a privacy-preserving mechanism, such as anonymity, to secure and protect personal user data. However, using anonymous identifiers for sensing sources proves difficult when evaluating sensing data trustworthiness. From this perspective, a successful participatory sensing application must be designed to consider two challenges: (1) user privacy and (2) data trustworthiness. To date, a number of privacy-preserving reputation techniques have been proposed to satisfy both of these issues, but the protocols contain several critical drawbacks or are impractical in terms of implementation. In particular, there is no work that can transparently manage user reputation values while also tracing anonymous identities. In this work, we present a blockchain-based privacy-preserving reputation framework called BPRF to transparently manage user reputation values and provide a transparent tracing process for anonymous identities. The performance evaluation and security analysis show that our solution is both practical and able to satisfy the two requirements for user privacy and data trustworthiness.
Public fog nodes extend cloud services for the Internet of Things (IoT) clients and smart devices to provide additional computation capabilities, storage space, and reduce latency and response time. The openness and pervasiveness of public fog nodes leads to the requirement of using trust models to ensure reliability, security, privacy, and meet the service-level agreements (SLAs). Conventional trust models for public fog nodes are centrally configured, deployed, and maintained considering security, privacy, and SLA requirements. However, these trust models enforce centralized governance policies across the system which leads towards the single-point-of-failure and single-point-of-compromise over IoT devices' and users' personal data. This paper proposes a decentralized trust model in order to maintain the reputation of publicly available fog nodes. The reputation is maintained considering users' opinions about their past interactions with the public fog nodes. The proposed trust model is designed using public Ethereum blockchain and smart contract technologies in order to enable decentralized trustworthy service provisioning between IoT devices and public fog nodes. The proposed approach is tested and evaluated in terms of security, performance, and cost. The results show that using blockchain for decentralized reputation management could become more advantageous when compared to the existing centralized trust models.
Crossroads are the main traffic jam generators in densely populated cities. Unmanned vehicles and intelligent transportation systems can significantly reduce congestion and improve road safety by eliminating the main cause of traffic accidents—the human factor. However, full confidence in their safety is necessary. This paper addresses the contextual data integrity problem, when an unmanned autonomous vehicle transmits incorrect data due to technical problems, or malicious attacks. We propose an approach based on trust and reputation that allows detecting vehicles transmitting bogus data. To verify the feasibility of the approach on practice, we conducted both software and physical simulations using the model of intersection and unmanned autonomous vehicle models. The simulation results show that the approach applied allows detecting vehicles with bogus data and excluding them from the group, thus increasing the safety of the intersection traversal by other vehicles.
Over the past two decades, traffic authorities in many cities have developed so-called parking guidance and information systems (PGI) to help drivers to find the available parking spaces. In Cairo, the capital of Egypt, the PGI has been recently implemented in 2015. This research mainly aims to develop and assess a new approach for introducing parking information based on a smartphone application that can inform the users about the number of available parking spaces within the studied garages not only in the real-time but also in the near future based on historical data. The need for such an application was investigated before deployment by a questionnaire survey, while post-deployment feedback was used to evaluate the developed application as a tool to enhance and overcome the current parking management system defects. In addition, the current parking management system has been evaluated based on drivers' opinion. The results showed that despite the PGI system has been deployed since 2015, only 70% of the participants were aware of this system. Out of them, 23% used the system. The main purpose of this is that the VMSs were not working sufficiently and some of them are not clear enough to the drivers. Around 46% of the interviewed drivers stated that when they didn't find a space in the garage, they usually do not find an alternative parking space easily and they waste around 15 to 20 minutes searching for available parking spaces, while the average search time for those who are using the system was between 5 to 10 minutes. Finally, 99% of the participants believe that using more advanced parking guidance system through smartphone application will be more useful. A smartphone application has been developed as an advanced alternative tool for providing users with the number of available parking spaces not only in the current time but also in the near future time. This was done by developing predictive models for parking spaces availability at each garage over the daytime using the collected data. This application was evaluated based on the feedback of about 70 participants who used the application. The feedback analysis showed that 82% of the users were satisfied with the application, only one out of 70 participants have complained about the ease of use. Also, 89% of the participants have agreed that the application help in reducing parking search time with an overall average of 8 minutes.
The introduction of autonomous buses and taxis is expected to generate such benefits as cost reductions—and particularly for regional bus operations with a substantial deficit—as well as enhancing public transit accessibility through decreased trip costs. The purpose of this paper is to provide an overview of the impacts of introducing autonomous buses and taxis on metropolitan transportation systems by quantifying the costs of travel in Japan, and to discuss the potential benefits. First, this study sets the assumptions on autonomous driving technology, including its impacts on vehicle costs, the decreased labor costs for driving and safety monitoring in buses and taxis, and decreased driving stress for private car users. Next, operating costs are computed for autonomous buses and taxis in Japanese metropolitan areas. The costs of travel, or the sum of monetary and time costs, are then computed with and without vehicle automation for different trip types in high- and low-density metropolitan areas. The results highlight that the costs of public transit trips that currently have a smaller share of time costs in overall trip costs could decrease considerably due to vehicle automation. For instance, costs for 10–20-km trip lengths could decrease by 44–61% for taxi trips and 13–37% for rail/bus trips with taxi access, followed by a decrease of 6–11% for bus trips and 1–11% for rail trips with bus access. Further, private car trip costs could decrease by 11–16%. More substantial cost reductions in rail/bus trips with taxi access could occur in the case of smaller trip distances and/or in residential areas far from stations; larger reductions in rail trips with bus access could occur in low-density metropolitan areas. Finally, it is expected that vehicle automation in more fixed modes of public road transit could primarily benefit the transit industry and government, with such effects as improved labor productivity and reduced subsidies, while vehicle automation in more flexible modes could benefit metropolitan residents as well as the transit industry. This further suggests that a deficit of regional bus operations could be recovered during the transition to the full performance of autonomous buses.
Mobile crowdsensing (MCS) is an emerging data collection paradigm that exploits the potential of individual mobile devices to acquire mass data in a cost-effective manner. One of the important challenges in MCS application is to resist malicious users who provide false data to disturb the system. In existing work, the reputation management scheme is an effective way to overcome the challenge. However, most reputation management schemes rely on a semi-honest server and process data in the plaintext domain without considering server security and user privacy. In this paper, we integrate blockchain and edge computing in the mobile crowdsensing scenario to construct a credible and efficient blockchain-based mobile crowdsensing system, called BC-MCS. To resist malicious users, we present a privacy-preserving reputation management scheme based on the proposed system. Furthermore, we design a delegation protocol to solve the inherent problem of user dynamics in MCS. The prototype system implemented on Hyperledger Sawtooth and Android client demonstrates that our scheme can achieve higher utility and security levels in handling malicious users compared with previous centralized reputation management schemes.
Internet of Things (IoT) creates a world where smart objects and services interacting autonomously. Taking into account the dynamic-heterogeneous characteristic of interconnected devices in IoT, demand for a trust model to guarantee security, authentication, authorization, and confidentiality of connected things, regardless of their functionality, is imperative. However, as far as we know, against the centrality of trust-based recommendation mechanisms in the IoT environment, there is no ambient study for investigating its techniques. In this paper, we present a systematic literature review (SLR) of trust based IoT recommendation techniques so far. Detailed classifications based on extracted parameters as well as investigation existing techniques in three different IoT layers put forth. Moreover, the advantages, disadvantages and open issues of each approach are introduced that can expand more frontier in obtaining accurate IoT recommendation in the future.
In this paper we present a case study of IoT cloud participatory sensing where a user sends a query to the cloud about the air quality of a location at a particular time to decide if it should enter the location based on its susceptibility to the air quality detected. All IoT devices (e.g., smart phones carried by humans or smart cars driven by humans) capable of detecting air quality can act as participants and submit sensing reports to the cloud for sensing result aggregation. The major challenge is the selection of trustworthy participants because not all IoT devices will be trustworthy. We leverage a “Trust as a Service” (TaaS) cloud utility to address the issue of selecting trustworthy participants. Using real traces of ozone (O3) levels and mobility traces of users in the O3 community of interest (O3COI) group in the city of Houston, we demonstrate that TaaS outperforms contemporary IoT trust protocols in selecting trustworthy participants. We compare the performance of the TaaS cloud utility with two contemporary IoT trust protocols for supporting trust-based IoT participatory sensing applications. With the help of the TaaS cloud utility, a user in this O3COI group is able to obtain O3 readings very close to the ground truth O3 level despite 30% participants are untrustworthy.
The purpose of a reputation system is to hold the users of a distributed application accountable for their behavior. The reputation of a user is computed as an aggregate of the feedback provided by fellow users in the system. Truthful feedback is clearly a prerequisite for computing a reputation score that accurately represents the behavior of a user. However, it has been observed that users can hesitate in providing truthful feedback because, for example, of fear of retaliation. Privacy-preserving reputation systems enable users to provide feedback in a private and thus uninhibited manner. In this survey, we propose analysis frameworks for privacy-preserving reputation systems. We use these analysis frameworks to review and compare the existing approaches. Emphasis is placed on blockchain-based systems as they are a recent significant development in the area. Blockchain-based privacy-preserving reputation systems have properties, such as trustlessness, transparency, and immutability, which prior systems do not have. Our analysis provides several insights and directions for future research. These include leveraging blockchain to its full potential in order to develop truly trustless systems, to achieve some important security properties, and to include defenses against common attacks that have so far not been addressed by most current systems.
In illicit online markets, actors are pseudonymous, legal institutions are absent, and predation is ripe. The literature proposes that problems of trust are solved by reputation systems, social ties, and administrative governance, but these are often measured independently or in single platforms. This study takes an eclectic approach, conceiving of trust as an estimate informed by any available evidence. Using transaction size as a proxy for trust I estimate the association between competing sources of trust – mediation, reputation, authentication, and social ties – and transaction value using multilevel regression. Using data from two online drug markets, I find mixed evidence that reputation and authentication are associated with transaction value, whereas results are consistent for social ties. Furthermore, transactions outside the scope of administrative mediation are generally larger. These findings have implications for future research and suggest increased attention should be given to the role of mediation practices and social ties.
Worker selection in crowdsensing plays an important role in the quality control of sensing services. The majority of existing studies on worker selection were largely dependent on a trusted centralized server, which might suffer from single point of failure, the lack of transparency and so on. Some works recently proposed blockchain-based crowdsensing, which utilized reputation values stored on blockchains to select trusted workers. However, the transparency of blockchains enables attackers to effectively infer private information about workers by the disclosure of their reputation values. In this article, we proposed the TrustWorker, a trustworthy and privacy-preserving worker selection scheme for blockchain-based crowdsensing. By taking the advantages of blockchains such as decentralization, transparency and immutability, our TrustWorker could make the worker selection process trustworthy. To protect workers’ reputation privacy in our TrustWorker, we adopted a deterministic encryption algorithm to encrypt reputation values and then selected the top
N
workers in the light of secret minimum heapsort scheme. Finally, we theoretically analyzed the effectiveness and efficiency of our TrustWorker, and then conducted a series of experiments. The theoretical analysis and experiment results demonstrate that our TrustWorker can achieve trustworthy worker selection, while ensuring the workers’ privacy and the high quality of sensing services.
Purpose
This study aims to identify the challenges in the healthcare industry as it adopts an omnichannel setup in an emerging economy context. Further, the study determines the scope of blockchain in addressing these challenges.
Design/methodology/approach
The study uses a qualitative approach to understand the challenges in the omnichannel healthcare industry and know the scope of blockchain in building an omnichannel healthcare system. In the first stage, it did an in-depth analysis of the extant literature, followed by a Delphi study with 24 healthcare experts.
Findings
The study presents the current challenges in the omnichannel healthcare sector in an emerging economy. Further, it develops a novel conceptual framework for blockchain adoption in the omnichannel healthcare industry. The study also presents propositions that will help healthcare service providers enhance decision-making concerning the adoption of blockchain in the healthcare industry.
Research limitations/implications
The research results may lack generalizability due to the exploratory approach and emerging economies context. Theoretically, in this study, the authors extend the theory of swift trust and organization information processing theory in an omnichannel healthcare context.
Practical implications
The propositions provided in this paper can help healthcare managers make strategic decisions on the scope of adoption of blockchain for omnichannel healthcare.
Originality/value
This study explores the understudied area of challenges in omnichannel healthcare and the scope of blockchain for omnichannel healthcare in an emerging economy context.
Reputation/trust-based blockchain systems have attracted considerable research interests for better integrating Internet of Things with blockchain in terms of throughput, scalability, energy efficiency, and incentive aspects. However, most existing works only consider static adversaries. Hence, they are vulnerable to slowly adaptive attackers, who can target validators with high reputation value to severely degrade the system performance. Therefore, we introduce
, a privacy-preserving scheme tailored for reputation-based blockchains. Our basic idea is to hide both the identity and reputation of the validators by periodically changing the identity and reputation commitments (i.e., aliases), which makes it much more difficult for slowly adaptive attackers to identify validators with high reputation value. To realize this idea, we utilize privacy-preserving Pedersen-commitment-based reputation updating and leader election schemes that operate on concealed reputations within an epoch. We also introduce a privacy-preserving identity update protocol that changes the identity and time-window-based cumulative reputation commitments during each epoch transition. We have implemented and evaluated
on the Amazon Web Service. The experimental results and analysis show that
achieves great privacy-preserving features against slowly adaptive attacks with little overhead.
It has been proved by recent works that reputation can help to improve the efficiency of blockchain and enhance the fairness of energy trading markets. However, the application of distributed reputation in the energy field has not been fully studied yet. In this paper, we design a distributed reputation system to simulate real-world trust in blockchain-based peer-to-peer energy trading. It is a comprehensive reputation system in the sense that reputation scores are decided by the behavior of participants as consensus nodes, energy buyer, and energy sellers. Its implementation relies on blockchain, especially the smart contract technology, to achieve distributed and automatic reputation management. The distributed reputation system in turn helps to implement a delegated consensus algorithm for blockchain and a reputation-based k-double auction matchmaking scheme for peer-to-peer energy trading. In addition, we define a fairness indicator to capture the reputation-based average benefits and costs when considering reputation as the contribution to the peer-to-peer energy trading market. By simulating the comprehensive system, the numerical results demonstrate the effects of distributed reputation in improving the efficiency of blockchain and balancing fairness indicators between sellers and buyers during peer-to-peer energy trading. As far as we know, this paper is one of the few works to provide a formal method of evaluating the fairness of the peer-to-peer energy trading market.
Blockchain technology is gaining a lot of ground as a research topic lately. Wireless ad hoc network researchers are studying and applying blockchain to solve security and reliability issues. Blockchain is a distributed database maintained by multiple nodes in the network, and it is used as a solution to trust and security issues. Within a vehicular ad hoc network (VANET), vehicles provide mutual road safety by generating and broadcasting messages. However, due to the lack of trust in these networks, the reliability of the messages exchanged is questionable. To alleviate this problem, reputation systems have been proposed. Howbeit, these systems require trust and rewards management. Due to the characteristics of VANET, most safety systems require repetitive processes that have a direct impact on performance (resources). The proposed system provides all vehicles in the network with a distributed, highly secure and tamper-proof common framework for routing in VANETs using the Blockchain. In order to incorporate the Blockchain into the VANETs, we use the Optimized Link State Routing (OLSR) as a characteristic protocol. The OLSR is a routing protocol that presents several security concerns because its routing mechanism is based on the availability of a small group of nodes called Multi-point Relay (MPR), and the security mechanisms are executed at each node individually with repetitive processes to be performed. In our contribution, we use blockchain, as a reliable and highly secure technology, to solve OLSR security issues, motivating (rewarding) vehicles to collaborate and avoiding repetitive detection processes. The simulation shows that our system is very efficient to be used in environments with limited resources like VANET. Detection time and detection overhead are reduced, as isolation of malicious nodes increases the efficiency of the detection process.
Critical event information dissemination has been proliferating on VANET allowing road safety via connected vehicular communications. Despite the prospect of promising applications in vehicular networks, it faces unresolved challenges that hold the capability to slow down network performance upon deployment, especially in terms of security. Particularly, insider attacks such as Blackhole attacks that are carried out against VANET systems can disrupt the networks’ average performance and prevent communication between vehicles entirely. Many state-of-the-art solutions have been proposed to detect and eliminate such nodes based on reputation systems and broadcast routing. However, if the network consists of multiple malicious nodes, the message dissemination could fail due to broadcast message tampering attack or packet dropping. In this study, we explore to answer the question of “can we improve the insider attacks mitigation in VANET by enhancing the trust in the network system so that the possibility of successful attacks can be reduced?”. To answer this question, in this paper, we present the blockchain-based decentralized trust score framework for the participating nodes to detect and blacklist insider attackers in VANET proactively. We propose a two-level detection system, in which at the first level, neighboring nodes calculate the trust individually. In the second level, a consortium blockchain-based system with authorized Road Side Units (RSUs) as validators, aggregate trust scores for vehicular nodes. Then, based on trust scores reported by the neighboring nodes, the blacklist node tables are dynamically modified. The experimental analysis shows that the proposed system is efficient and scalable in terms of the network’s practical size. Finally, we also present evidence that the proposed system improves the VANET performance by mitigating and blacklisting insider attack launching nodes.
The Intelligent Transportation System (ITS) has become essential for the economical and technological development of a country. The maturity of communication technologies (Vehicle to Infrastructure (V2I) and Vehicle to Vehicle (V2V)) and the amalgamation of smart grids, electric vehicles (EVs) and energy trading resulted in a storm of research opportunities for green ITS. In addition, the combination of vehicular communication technologies and ITS enable efficient selection of EV charging stations (CS) and scheduling EVs charging requirements in real-time. However, the untrusted centralized nature of energy markets and EV charging infrastructures result in several privacy and security threats to EV user's private information. These security and privacy threats include targeted advertisements, privacy leakage, selling data to third party, etc. In this work, we propose BlockEV, a blockchain-based efficient CS selection protocol for EVs to ensure the security and privacy of the EV users, availability of the reserved time slots at CSs, high Quality of Service (QoS) and enhanced EV user comfort. First, a blockchain-based framework is introduced to implement secure charging services and trusted reservation for EVs with the execution of smart contract. Second, we focus on the efficient CS selection and propose a mechanism for EVs to select the CS locally without sharing private information to CS, while fulfilling their service requirements. Evaluations show that the proposed BlockEV is scalable with significantly low blockchain transaction and storage overhead.
Reputation systems offer a medium where users can quantify the trustworthiness or reliability of individuals providing online services or products. In the past, researchers have used blockchain technology for reputation systems. Smart contracts are computer protocols which have the primary objective to supervise, implement, or validate performances or negotiations of contracts. However, through a systematic literature review, in this paper, we find that the existing literature has not proposed a framework that facilitates the interchangeable use of smart contracts for blockchain-based reputation systems. We adopt a systematic literature review from 30 relevant studies and the data from them were extracted before identifying the research gaps. As a solution to the research gaps, we propose the FarMed framework for creating an intelligent framework that will execute Ethereum smart contact-based reputation systems and develop reliable blockchain-based protocols for transferring reputation values from one provider to another. We briefly explain our proposed framework before concluding with our future work.
The integration of renewables and microgrids into the modern electric grid has forced financial, technical, and policy change. Control strategies that enable energy trading between microgrids provide more effective use of distributed energy resources. This study presents a decentralized, autonomous control approach to manage energy transactions between nodes of a grid-connected microgrid network. Agents in the network form relationships, with interactions between agents described by quantifying their reputation using historical knowledge of familiarity, acceptance, and value between nodes. Methods are demonstrated on a network of 9 nodes with varying levels of network connectivity for a simulated year. Results indicate that certain relationships between nodes allow some microgrids to achieve greater financial benefit than others through a reduction in operating cost. A baseline case with no trading is used to compare results, with nodes experiencing anywhere from 3% to 72% reduction in their annual cost of energy depending on network connectivity and configuration. Node pair connections with the most opportunities to trade had a significant effect on the amount of excess renewables successfully traded in the network, and network configurations containing those pairs also resulted in the lowest grid load factors. Enabling localized trading led to a decrease in utility revenue by 21–27%, which could be partly recouped by establishing wheeling charges or trading fees.
Edge-assisted mobile crowdsensing is an emerging paradigm where mobile users collect and share sensing data at the edge of networks. With the abundant on-board resources and large movement patterns of intelligent vehicles, they have become candidates to sense up-to-date and fine-grained information for large areas. The design of vehicle recruitment in edge-assisted mobile crowdsensing is challenging due to the selfishness and the uneven distribution of vehicles, as well as the spatiotemporal constraints of vehicular crowdsensing applications. To deal with these challenges, this paper proposes an incentive-aware vehicle recruitment scheme for edge-assisted mobile crowdsensing. In particular, we first design an incentive mechanism to motivate cooperation among the edge server and the intelligent vehicles, and apply the Nash bargaining theory to obtain the optimal cooperation decision. Furthermore, a practical and efficient scheme is proposed to weigh the contribution of vehicles. Then, we formulate the participant recruitment as an optimization problem, and prove that it is NP-hard. To address this problem, an effective heuristic algorithm with a guaranteed approximation ratio is proposed, by leveraging the property in submodular optimization. Finally, we conduct extensive simulations, based on a real dataset, to validate the superiority of the proposed schemes.
High voter turnout in elections and referendums is very desirable in order to ensure a robust democracy. Secure electronic voting is a vision for the future of elections and referendums. Such a system can counteract factors that hinder strong voter turnout such as the requirement of physical presence during limited hours at polling stations. However, this vision brings transparency and confidentiality requirements that render the design of such solutions challenging. Specifically, the counting must be implemented in a reproducible way and the ballots of individual voters must remain concealed. In this paper, we propose and evaluate a referendum protocol that ensures transparency, confidentiality and integrity, in trustless networks. The protocol is built by combining Secure Multi-Party Computation (SMPC) and Distributed Ledger or Blockchain technology. The persistence and immutability of the protocol communication allows verifiability of the referendum outcome on the client side. Voters therefore do not need to trust in third parties. We provide a formal description and conduct a thorough security evaluation of our proposal.
Electric vehicles (EVs) are being introduced by different manufacturers, thanks to their environment-friendly perspective to alleviate CO
2
pollution. In this paper, the proposed EV charging management scheme enables pre-empted charging service for heterogeneous EVs (
depends on different charging capabilities, brands, etc.
). Particularly, the anticipated EVs’ charging reservations information, including their arrival time and expected charging time at charging stations (CSs), are brought for planning CS-selection (where to charge). Along with applying
ubiquitous
cellular network communication to deliver (
delay tolerant
) EVs’ charging reservations, we further study the feasibility of applying
opportunistic
vehicle-to-vehicle (V2V) communication with delay/disruption tolerant networking (DTN) nature, due primarily to its flexibility and cost-efficiency in vehicular ad hoc networks (VANETs). Evaluation results under the realistic Helsinki city scenario show that applying the V2V-based charging reservation is promisingly cost-efficient in terms of communication overhead, while achieving a comparable charging performance to apply cellular network communication.
With the digitalization of various industries, the combination of cloud computing and the Industrial Internet of Things (IIoT) has become an attractive data processing paradigm. However, cloud-assisted IIoT still has challenging issues including authenticity of data, untrustworthiness of third parties, and system robustness and efficiency. Recently Karati et al. [1] proposed a lightweight certificateless signature (CLS) scheme for cloud-assisted IIoT, that was claimed to address both authenticity of data and untrustworthiness of third parties. In this paper, we demonstrate that the CLS scheme fails to achieve the claimed security properties by presenting four types of signature forgery attacks. We also propose a robust certificateless signature (RCLS) scheme to address the aforementioned challenges. Our RCLS only needs public channels and is proven secure against both public key replacement attacks and malicious-but-passive third parties in the standard model. Performance evaluation indicates that RCLS outperforms other CLS schemes and is suitable for IIoT.
